How to do it...

Ensure Burp and the OWASP BWA VM are running and that Burp is configured in the Firefox browser used to view the OWASP BWA applications.

  1. From the OWASP BWA Landing page, click the link to the OWASP Mutillidae II application.
  2. Open the Firefox browser on the login screen of OWASP Mutillidae II. From the top menu, click Login.
  3. Find the request you just performed within the Proxy | HTTP history table. Look for the call to the login.php page. Highlight the message, move your cursor into the Raw tab of the Request tab, right-click, and click on Send to Intruder:

  1. Switch over to the Intruder | Positions tab, and clear all Burp-defined ...

Get Burp Suite Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.